Mass-mailer viruses like Bagle, Netsky and Mydoom are so passe. Hackers in the know are now concentrating on devising mobile phone viruses, executing phishing scams and exploiting vulnerabilities, according to McAfee Inc. The antivirus vendor is set to release its quarterly report on Internet threats today, with an eye on the dangers that lie ahead.
More than 1,000 vulnerabilities were discovered in the first quarter of this year, a 6% increase from a year earlier, McAfee said. And the outlook for the remainder of the year is not very reassuring, considering what the hackers have in store.
Almost gone are the days of mass-mailer viruses, which spread by sending copies of themselves to e-mail addresses harvested from an infected machine, according to Vincent Gullotto, vice president of McAfee's Anti-Virus Emergency Response Team. Hackers are now focusing their efforts on more lucrative and malicious ventures, he said.
Phishing scams, for instance, are some of the fastest-growing threats. In this type of scam, hackers use e-mail to direct Internet users to Web sites that look like legitimate e-commerce sites, such as online banks and auction services. Hackers actually control the sites and use them to steal sensitive information such as bank account details and passwords.
Phishing is becoming even more nefarious, as hackers are targeting their attacks, Gullotto said. Using tools like spyware programs and keystroke loggers, hackers are figuring out which banks Internet users do business with, he said. These kind of focused attacks are already common in Brazil and are set to grow worldwide, he added.
"Before it was a just a numbers game -- the more people you tried to fool, the higher rate of success," Gullotto said.
Criminals are also discovering new possibilities with mobile devices. Mobile viruses, which until recently seemed an unrealized threat, are now on the move, McAfee said. While the company detected five mobile malware threats in the fourth quarter of last year, that number now stands at 50, it said.
However, mobile attacks won't grow as rapidly as computer threats because of the variety of operating systems and the fact that devices are only intermittently connected to the Internet, Gullotto said.
"We still don't see the ability to produce a worldwide outbreak," he said. As iIf schemes designed to steal information, bungle mobile phones and spy on users weren't enough, McAfee also sees a marked increase in nonmalicious threats, such as adware. These Internet nuisances, which perform actions like repeatedly sending advertising pop-ups, are approaching the annoyance level that only spam once enjoyed, Gulloto said.
"Adware is growing exponentially, and it has the ability to spread very easily," he said.
More traditional threats like Trojan horses that masquerade as benign applications but in fact do harm, and bots, which are used to crawl Web sites collecting information, are still prevalent. Users should shield themselves as much as possible from all these threats by making sure that they use up-to-date antivirus software, employ spam filters and install the latest patches, McAfee said.